37 lines
1.3 KiB
Plaintext
37 lines
1.3 KiB
Plaintext
$OpenBSD: patch-source_file_c,v 1.2 2001/10/31 08:03:19 form Exp $
|
|
--- source/file.c.orig Thu Sep 27 19:41:01 2001
|
|
+++ source/file.c Wed Oct 31 13:37:26 2001
|
|
@@ -1042,7 +1042,12 @@ void PrintWindow(WindowInfo *window, int
|
|
*/
|
|
void PrintString(const char *string, int length, Widget parent, const char *jobName)
|
|
{
|
|
+#ifdef HAVE_MKSTEMP
|
|
+ static char template[] = "/var/tmp/nedit-XXXXXXXXXX";
|
|
+ char tmpFileName[sizeof(template)];
|
|
+#else
|
|
char tmpFileName[L_tmpnam]; /* L_tmpnam defined in stdio.h */
|
|
+#endif
|
|
FILE *fp;
|
|
int fd;
|
|
|
|
@@ -1053,6 +1058,10 @@ void PrintString(const char *string, int
|
|
1. Create a filename
|
|
2. Open the file with the O_CREAT|O_EXCL flags
|
|
So all an attacker can do is a DoS on the print function. */
|
|
+#ifdef HAVE_MKSTEMP
|
|
+ strcpy(tmpFileName, template);
|
|
+ if ((fd = mkstemp(tmpFileName)) < 0 || (fp = fdopen(fd, "w")) == NULL) {
|
|
+#else
|
|
tmpnam(tmpFileName);
|
|
|
|
/* open the temporary file */
|
|
@@ -1061,6 +1070,8 @@ void PrintString(const char *string, int
|
|
#else
|
|
if ((fd = open(tmpFileName, O_CREAT|O_EXCL|O_WRONLY, S_IRUSR | S_IWUSR)) < 0 || (fp = fdopen(fd, "w")) == NULL) {
|
|
#endif /* VMS */
|
|
+#endif /* HAVE_MKSTEMP */
|
|
+
|
|
DialogF(DF_WARN, parent, 1, "Unable to write file for printing:\n%s",
|
|
"Dismiss", errorString());
|
|
return;
|